Computing resource policies are used in various access control mechanisms to specify the conditions for which actions may be performed on computing resources by users of these computing resources. These computing resource policies provide flexibility to administrators of computing resources to define user roles for accessing these computing resources, as well as the permissions for each user and user role in performing the various actions on the computing resources. However, this flexibility may introduce complexity that might not be desirable under certain circumstances. For example, if an administrator of a computing resource grants users access to a first computing resource, granting additional permissions to these users to access a second computing resource may be difficult, as an administrator may be required to revise existing policies related to the first computing resource to enable user access to the second computing resource.